If you use safesquid , you can not access its webconfig by just typing safesquid.cfg when it's in transparent mode, you can access the webconfig by:http://safesquid.cfg:$PORT/safesquid.cfg, in my case that would be http://safesquid.cfg:8080/safesquid.cfg
You also have to add a dns entry for safesquid.cfg pointing to your proxy IP or else you wont be able to login to safesquid, not sure why…

Hehehe…now you know what you must see first, in fact, "$natrules" and "$ipfrules" is the key for the pfSense to create its own rules.
There is also a copy of running rules, rules.debug in your /tmp. This helps you too.

It is always the best way to sneak around the code, that will definitely help you understand how the pfSense works. ;)

Happy hacking! ;D

BTW. 3000+ ??? mine is only 2912 lines;

wc -l /etc/inc/filter.inc

2912 /etc/inc/filter.inc

I'm running 1.3-AA so there must have been some clean up of the code. :) :) :)